A widespread phishing scam hit Google Docs users yesterday, making their Gmail accounts and contact lists vulnerable to hackers. A phishing attack usually involves attackers trying to obtain personal information through deceptive emails disguised as important messages, which trick unsuspecting users into freely disclosing that information. However, this is not what happened with the Google Docs phishing scam.
The attackers used a more sophisticated approach: they created a non-Google web app, which they cleverly named “Google Docs”. They then sent emails to Gmail users, appearing to come from a known contact, asking them to edit a document on Google Docs. Those who clicked on the Google Docs phishing link were redirected to a real Google sign-in screen and asked to “continue to Docs.” This fooled users into granting access and permissions to the malicious Google Docs web app. Below is a snapshot of the permission screen:
If you read it carefully, you will see that Google does not usually ask users for such permissions. If you received such an email yesterday, you had better change all your passwords immediately and warn the people in your contacts list. The attackers apparently send similar spam emails to the contacts of users who clicked on the phishing link. Here are some reactions to the attack on Twitter:
The problem that hackers were able to exploit here is that Google allowed them to create a third-party web app named ‘Google Docs’, and also let them work within Google’s system. Here’s what happens when you check the app title for its developer information:
@verge @backlon @reckless a spammer just used google Oauth API to compromise google accounts while passing the authentication through google pic.twitter.com/ugHnqZ2M6K — Darren McClung (@kcconejito) May 3, 2017
Users who suspect they have been hacked can go to Google’s Connected Apps and Sites page and revoke the permissions granted to the malicious app.
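For administrators reviewing many accounts at once, the same check can be automated. The following is an added example, not part of the original article or any Google tooling: it flags third-party OAuth grants whose display name matches a first-party product name and which hold mail or contacts scopes. The grant record format, client IDs and name list are hypothetical and constructed for illustration, and the name matching goes slightly beyond the exact-name case described above by also folding case, spacing and Unicode compatibility forms.

```python
import unicodedata

# Assumptions for this example: names treated as first-party brands, and
# placeholder client IDs standing in for the vendor's genuine apps.
PROTECTED_NAMES = {"google docs", "google drive", "gmail"}
FIRST_PARTY_CLIENT_IDS = {"first-party-docs.example"}
# Scopes granting mail and contact access, the data exposed in this incident.
SENSITIVE_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/contacts",
}

def normalise(name):
    """Fold case, Unicode compatibility forms and whitespace.
    NFKC does not map cross-script homoglyphs such as Cyrillic look-alikes."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return " ".join(folded.split())

def review_grant(grant):
    """Classify one OAuth grant as 'ok', 'review' or 'revoke'."""
    if grant["client_id"] in FIRST_PARTY_CLIENT_IDS:
        return {"user": grant["user"], "verdict": "ok", "risky_scopes": []}
    spoofed = normalise(grant["display_name"]) in PROTECTED_NAMES
    risky = sorted(SENSITIVE_SCOPES & set(grant["scopes"]))
    if spoofed and risky:
        verdict = "revoke"   # brand-named third-party app holding mail/contacts
    elif spoofed or risky:
        verdict = "review"   # one signal only: needs a human decision
    else:
        verdict = "ok"
    return {"user": grant["user"], "verdict": verdict, "risky_scopes": risky}

# Constructed sample grants (hypothetical export format, not real data).
SAMPLE_GRANTS = [
    {"user": "alice", "display_name": "Google Docs", "client_id": "unknown-app-1.example",
     "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/contacts"]},
    {"user": "bob", "display_name": "Google Docs", "client_id": "first-party-docs.example",
     "scopes": ["https://www.googleapis.com/auth/drive"]},
    {"user": "carol", "display_name": "\uff27oogle  DOCS", "client_id": "unknown-app-2.example",
     "scopes": ["https://www.googleapis.com/auth/contacts"]},
    {"user": "dave", "display_name": "Mail Sorter", "client_id": "unknown-app-3.example",
     "scopes": ["https://mail.google.com/"]},
]

if __name__ == "__main__":
    for g in SAMPLE_GRANTS:
        print(review_grant(g))
```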
What does Google have to say about all this? Well, the good news is that the company has managed to fix the issue. In a statement to The Verge, Google said, “We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.” The company also tweeted the following message:
We are investigating a phishing email that appears as Google Docs. We encourage you to not click through, & report as phishing within Gmail. — Gmail (@gmail) May 3, 2017
We still don’t have any information on how many Gmail accounts were compromised in this phishing scam, although multiple reports indicate this was a “massive” and “large” attack.